I have a question about the Oauth 2.0 popup flow. I¹m looking at OAuth¹s 1.0 flow, because I¹m not seeing corresponding documentation for 2.0.
http://shindig.apache.org/shindig-1.1.x/shindig-features/jsdoc/symbols/gadge ts.oauth.Popup.html Anyway... 1 of my questions is... WHO closes the popup window? Is that spec¹d out somewhere? Is it the authorization server that does that or am I missing something in the flow? I see the popup polls the window to detect when it¹s closed and then tries to fetchData again. Secondly... we have a need to redirect to the oauthApprovalUrl, but our implementation doesn¹t have any UI. It just uses the request data to authorize. Thus I really don¹t need a popup, so it would be desirable to have the gadget just make the request without having to click on a link. However, this will get stopped by popup blockers. Is there another way of doing this via maybe an hidden iframe or something? But how would I detect it¹s done? Ideas? Thanks, doug
